v1.14 Backports 2023-08-28 #27739
Merged
v1.14 Backports 2023-08-28 #27739
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ upstream commit 87518a3 ] Currently dnsProxy.dnsRejectResponseCode helm value is ignored because FQDNRejectResponseCode is not populated from viper Signed-off-by: Andrii Iuspin <yuspin@gmail.com> Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
[ upstream commit dcef00d ] Signed-off-by: weizhou.lan@daocloud.io <weizhou.lan@daocloud.io> Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
[ upstream commit 6217d01 ] Add a note under limitations to the needed kernel commit for getting nfs working, and reference to the GH issue, so that the discussion is easier to find. Once we get this into stable releases, we can update this bullet with more info. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
[ upstream commit c45dbb9 ] This change will re-trigger the auth mechanism if a signal got send but the entry was already in cache. It adds a 1 second backoff time to allow for the backend map to finish updating, which is why it was added in the first place. Signed-off-by: Maartje Eyskens <maartje@eyskens.me> Signed-off-by: Maartje Eyskens <maartje.eyskens@isovalent.com> Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
pippolo84
added
kind/backports
pippolo84
requested review from
borkmann,
jschwinger233,
brlbil,
meyskens and
giorio94
jschwinger233
approved these changes
Aug 28, 2023
giorio94
approved these changes
Aug 28, 2023
|
/test-backport-1.14 |
[ upstream commit e9e43fe ] This commit changes workflow's name fields to make them more human readable by adding spaces. Also some of the names was changed to be more consistent with each other Signed-off-by: Birol Bilgin <birol@cilium.io> Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
[ upstream commit 0481d5f ] Signed-off-by: Richard Tweed <RichardoC@users.noreply.github.com>
[ upstream commit 6fa9708 ] While the digests are unset and disabled in the main branch, they are set to the values corresponding to the latest patch release for stable branches. Hence, let's explicitly disable them when pushing the development helm chart. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com> Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
[ upstream commit e46ade2 ] This check was designed to inform users of CCNP that the behaviour changed around the timeframe of v1.9. However, the actual check is complaining about policy that is valid. At this point there is no need to warn users during preflight checks that they are using empty endpoint selectors in CCNPs, because this can validly be used to select all Pods within the cluster. Remove the check. Signed-off-by: sh2 <shawnhxh@outlook.com> Signed-off-by: Joe Stringer <joe@cilium.io> Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
brlbil
force-pushed
the
pr/v1.14-backport-2023-08-28
branch
from
9616059
to
6eb185d
Compare
|
/test-backport-1.14 |
brlbil
approved these changes
Aug 29, 2023
There was a problem hiding this comment.
I have made small changes to my commit.
Since some of the workflow names changed, Required Worflows needs to be changed after this is merged. The list of changes is below.
-name: ConformanceAKS (ci-aks)
+name: Conformance AKS (ci-aks)
--
-name: ClusterMesh (ci-multicluster)
+name: Conformance Cluster Mesh (ci-clustermesh)
--
-name: Cilium Conformance E2E (ci-e2e)
+name: Conformance E2E (ci-e2e)
--
-name: ConformanceEKS (ci-eks)
+name: Conformance EKS (ci-eks)
--
-name: External workloads (ci-external-workloads)
+name: Conformance External Workloads (ci-external-workloads)
--
-name: ConformanceGatewayAPI
+name: Conformance Gateway API
--
-name: Conformance ginkgo (ci-ginkgo)
+name: Conformance Ginkgo (ci-ginkgo)
--
-name: ConformanceGKE (ci-gke)
+name: Conformance GKE (ci-gke)
--
-name: ConformanceIngress
+name: Conformance Ingress
--
-name: K8sUpstreamNetConformance
+name: Conformance K8s Upstream Network
--
-name: ConformanceK8sKind
+name: Conformance K8s Kind
--
-name: Cyclonus network policy test
+name: Cyclonus Network Policy Test
--
-name: ConformanceKindEnvoyDaemonSet
+name: Conformance Kind Envoy DaemonSet
--
-name: ConformanceMultiPoolIPAM
+name: Conformance Multi Pool IPAM
--
-name: Cilium Runtime
+name: Conformance Runtime
--
-name: Container vulnerability scan
+name: Container Vulnerability Scan
--
-name: IntegrationTests
+name: Integration Tests
--
-name: BPF checks
+name: BPF Checks
--
-name: build-commits
+name: Build Commits
--
-name: codeql
+name: CodeQL
--
-name: Go-related checks
+name: Go Related Checks
--
-name: GitHub Workflow-related checks
+name: GitHub Workflow Related Checks
--
-name: Smoke test
+name: Smoke Test
Also, Branch protection rules need to be adjusted.
To Remove
build datapath
coccicheck
conformance-test
conformance-test-ipv6
generate-api
generate-k8s-api
go-mod
lint
precheck
preflight-clusterrole
To Add
BPF Checks / Build Datapath
BPF Checks / Run coccicheck
Smoke Test / Installation and Conformance Test
Smoke Test with IPv6 / Installation and Conformance Test
Go Related Checks / Generate API
Go Related Checks / Generate k8s API
Go Related Checks / Check Go Modules
Go Related Checks / Lint Source Code
Go Related Checks / Precheck
Smoke Test / Preflight Clusterrole Check
|
LGTM for my PR |
|
/test-backport-1.14 |
borkmann
approved these changes
Aug 31, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
newAuthManager(ipCache->nodeIDHandler) and unexportedAuthManagertype)build-images-docs-builder.yaml,close-stale-issues.yaml,ci-images-cache-cleaner.yaml,ci-images-garbage-collect.yaml,conformance-ipsec-e2e.yamlandlint-codeowners.yaml)Once this PR is merged, you can update the PR labels via:
or with